#!/bin/bash

# 生成随机密码
VPN_USER="vpnuser"
VPN_PASS=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 10)

# 安装 pptpd
yum install -y epel-release
yum install -y pptpd ppp

# 配置 pptpd
cat > /etc/pptpd.conf <<EOF
option /etc/ppp/options.pptpd
logwtmp
localip 192.168.0.1
remoteip 192.168.0.100-200
EOF

# 添加 VPN 用户
cat > /etc/ppp/chap-secrets <<EOF
$VPN_USER pptpd $VPN_PASS *
EOF

# 配置 ppp 选项
cat > /etc/ppp/options.pptpd <<EOF
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
lock
nobsdcomp
EOF

# 开启转发
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p

# 设置 iptables NAT（适用于 eth0 网卡）
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
service iptables save || true

# 启动服务
systemctl enable pptpd
systemctl restart pptpd

# 输出信息
PUBLIC_IP=$(curl -s https://api.ipify.org)
echo "=============================="
echo "PPTP VPN 安装完成"
echo "服务器 IP: $PUBLIC_IP"
echo "用户名: $VPN_USER"
echo "密码: $VPN_PASS"
echo "=============================="
